Node selection for a new application in a multi-tenant cloud hosting environment

ABSTRACT

A method includes instantiating a first web application for a first application owner on a virtual machine and instantiating a second web application for a second application owner. The second application owner is different than the first application owner. Instantiating the second web application includes determining that the second web application is associated with an attribute. The first web application is also associated with the attribute, and the attribute comprises an implementation related property of the first web application and the second web application. Instantiating the second web application also includes identifying the virtual machine as configured to host web applications having the attribute, responsive to identifying the virtual machine, instantiating the second web application on the virtual machine hosting the first web application. The second web application is prevented from accessing the first web application and the first web application is prevented from accessing the second web application.

CROSS-REFERENCE TO RELATED APPLICATION

This Continuation Application claims priority to U.S. patent applicationSer. No. 13/461,699, filed on May 1, 2012, which is incorporated byreference herein in its entirety.

TECHNICAL FIELD

The embodiments of the invention relate generally to cloud-basedapplication hosting and, more specifically, relate to node selection fora cloud-based application.

BACKGROUND

Cloud computing is a computing paradigm in which a customer pays a“cloud provider” to execute a program on computer hardware owned and/orcontrolled by the cloud provider. It is common for cloud providers tomake virtual machines hosted on its computer hardware available tocustomers for this purpose. The cloud provider typically provides aninterface that a customer can use to requisition virtual machines andassociated resources such as processors, storage, and network services,etc., as well as an interface a customer can use to install and executethe customer's program on the virtual machines that the customerrequisitions, together with additional software on which the customer'sprogram depends. For programs that are web applications, the additionalsoftware can include such software components as middleware and aframework. Web applications are programs that receive and act onrequests in web or other Internet protocols, such as HTTP. It is commonfor a user to interact with a web application via a browser executing onthe user's client computer system to send requests in a web protocol viathe Internet to a server computer system on which the web application isexecuting. It is also common for automatic user agents to interact withweb applications in web protocols in the same fashion.

While many web applications are suitable for execution in the cloud, itoften requires significant expertise and effort in order to install,execute, and manage a web application in the cloud. For example, anadministrator typically should identify all of the software componentsfor the execution of a web application, and what versions of thosesoftware components are acceptable. In addition, the administratortypically should obtain, install, and appropriately configure each suchsoftware component, as well as the application itself. Where this highlevel of expertise and effort has been invested in order to get a webapplication running on a particular hypervisor and in a particularprovider's cloud, a similarly high level of expertise and effort usuallyshould be subsequently invested in order to execute the web applicationinstead or in addition on a different hypervisor and/or in a differentparticular provider's cloud. Also, it can be difficult or impossible toobtain useful information about how the application is performing andotherwise behaving when executing in the cloud.

Accordingly, software and/or hardware facilities for facilitating theexecution of web applications in the cloud have been introduced, and areknown as Platform-as-a-Service (PaaS) offerings and systems. PaaSofferings facilitate deployment of applications without the cost andcomplexity of buying and managing the underlying hardware and softwareand provisioning hosting capabilities, providing all of the facilitiesfor supporting the complete life cycle of building and delivering webapplication and services entirely available from the Internet.Typically, these facilities operate as one or more virtual machines(VMs) running on top of a hypervisor in a host server.

In present PaaS offerings, a first customer's deployed applications donot co-exist with any other customer's deployed applications on the VMsthat are hosting the first customer's deployed applications. However,such an arrangement can be inefficient to the PaaS provider offering theplatform services. This is because a customer often deploys a singleapplication, and the size of the VM does not correspond to the size ofthe application. It can be costly to initialize a new VM for eachcustomer's application deployment, and it can also be a waste ofresources that are not being utilized. In a public cloud environment, aPaaS provider pays for deploying a VM whether the VM lies idle or not.In a private cloud environment, there is still a strain on resources forrunning VMs that are not completely utilized. As such, it may be morecost-efficient to deploy applications of multiple customers in a singleVM, rather than associating a VM or a group of VMs with a singleapplication or a group of applications from a single customer. However,a variety of implementation concerns arise when considering deployingapplications of multiple customers in a single VM, such as securityconcerns and efficient resource sharing concerns.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be understood more fully from the detaileddescription given below and from the accompanying drawings of variousembodiments of the invention. The drawings, however, should not be takento limit the invention to the specific embodiments, but are forexplanation and understanding only.

FIG. 1 is a block diagram of a network architecture in which embodimentsof the invention may operate;

FIG. 2A is a block diagram of a PaaS system architecture according to anembodiment of the invention;

FIG. 2B is a block diagram a node layer of a PaaS system according to anembodiment of the invention;

FIG. 3A is a block diagram of a communication infrastructure between aserver orchestration system and a node according to an embodiment of theinvention;

FIG. 3B is a block diagram of a implementing idling using a reverseproxy server according to an embodiment of the invention;

FIG. 3C is a flow diagram illustrating a method for idling anapplication according to an embodiment of the invention;

FIG. 3D is a flow diagram illustrating a method for restarting an idleapplication according to an embodiment of the invention;

FIG. 4 is a flow diagram illustrating a method for determining customfacts for a node according to an embodiment of the invention;

FIG. 5 is a flow diagram illustrating a method for creating a newapplication on a node according to an embodiment of the invention;

FIG. 6 is a flow diagram illustrating a method for calculating thecapacity of a node to host a new application according to an embodimentof the invention;

FIG. 7 is a flow diagram illustrating a method for calculating thecapacity of a node to host a new application according to anotherembodiment of the invention;

FIG. 8 illustrates a block diagram of one embodiment of a computersystem.

DETAILED DESCRIPTION

Embodiments of the invention provide for node selection for a newapplication in a multi-tenant cloud hosting environment. A method of theinvention includes receiving a request to host a software application onone of a plurality of nodes of a cloud computing infrastructure, eachnode configured to host multiple software applications of differentcustomers. A set of available nodes from the plurality of nodes can beidentified on which the software application can be hosted and thecapacity of each identified node to host additional softwareapplications can be determined. Then, a node is selected to host thesoftware application using the determined capacities.

In the following description, numerous details are set forth. It will beapparent, however, to one skilled in the art, that the present inventionmay be practiced without these specific details. In some instances,well-known structures and devices are shown in block diagram form,rather than in detail, in order to avoid obscuring the presentinvention.

Some portions of the detailed descriptions which follow are presented interms of algorithms and symbolic representations of operations on databits within a computer memory. These algorithmic descriptions andrepresentations are the means used by those skilled in the dataprocessing arts to most effectively convey the substance of their workto others skilled in the art. An algorithm is here, and generally,conceived to be a self-consistent sequence of steps leading to a desiredresult. The steps are those requiring physical manipulations of physicalquantities. Usually, though not necessarily, these quantities take theform of electrical or magnetic signals capable of being stored,transferred, combined, compared, and otherwise manipulated. It hasproven convenient at times, principally for reasons of common usage, torefer to these signals as bits, values, elements, symbols, characters,terms, numbers, or the like.

It should be borne in mind, however, that all of these and similar termsare to be associated with the appropriate physical quantities and aremerely convenient labels applied to these quantities. Unlessspecifically stated otherwise, as apparent from the followingdiscussion, it is appreciated that throughout the description,discussions utilizing terms such as “sending”, “receiving”, “attaching”,“forwarding”, “caching”, “executing,” “applying,” “discovering,”identifying,” “configuring,” “establishing,” “determining,” or the like,refer to the action and processes of a computer system, or similarelectronic computing device, that manipulates and transforms datarepresented as physical (electronic) quantities within the computersystem's registers and memories into other data similarly represented asphysical quantities within the computer system memories or registers orother such information storage, transmission or display devices.

The present invention also relates to an apparatus for performing theoperations herein. This apparatus may be specially constructed for therequired purposes, or it may comprise a general purpose computerselectively activated or reconfigured by a computer program stored inthe computer. Such a computer program may be stored in a machinereadable storage medium, such as, but not limited to, any type of diskincluding floppy disks, optical disks, CD-ROMs, and magnetic-opticaldisks, read-only memories (ROMs), random access memories (RAMs), EPROMs,EEPROMs, magnetic or optical cards, or any type of media suitable forstoring electronic instructions, each coupled to a computer system bus.

The algorithms and displays presented herein are not inherently relatedto any particular computer or other apparatus. Various general purposesystems may be used with programs in accordance with the teachingsherein, or it may prove convenient to construct more specializedapparatus to perform the required method steps. The required structurefor a variety of these systems will appear as set forth in thedescription below. In addition, the present invention is not describedwith reference to any particular programming language. It will beappreciated that a variety of programming languages may be used toimplement the teachings of the invention as described herein.

The present invention may be provided as a computer program product, orsoftware, that may include a machine-readable medium having storedthereon instructions, which may be used to program a computer system (orother electronic devices) to perform a process according to the presentinvention. A machine-readable medium includes any mechanism for storingor transmitting information in a form readable by a machine (e.g., acomputer). For example, a machine-readable (e.g., computer-readable)medium includes a machine (e.g., a computer) readable storage medium(e.g., read only memory (“ROM”), random access memory (“RAM”), magneticdisk storage media, optical storage media, flash memory devices, etc.),etc.

Embodiments of the invention provide a method of selecting a node onwhich to launch a new application in a multi-tenant cloud-based PaaSenvironment. In one embodiment, the capacity of each available node iscalculated and the node with the most capacity is selected to host thenew application. In one embodiment, capacity is based on the number ofsoftware repositories on a node. In other embodiments, the capacity canbe based on the number of active applications, or some weighted sum ofthe number or repositories and/or applications.

FIG. 1 is a block diagram of a network architecture 100 in whichembodiments of the invention may operate. The network architecture 100includes a cloud 130 managed by a cloud provider system 104. The cloud130 provides virtual machines, such as virtual machines 111, 112, 121,and 122. Each virtual machine is hosted on a physical machine configuredas part of the cloud 130. Such physical machines are often located in adata center. For example, virtual machines 111 and 112 are hosted onphysical machine 110 in cloud 130 provided by cloud provider 104. Userscan interact with applications executing on cloud-based virtual machinesusing client computer systems, such as clients 160, 170 and 180, viacorresponding web browser programs 161, 171 and 181.

Clients 160, 170 and 190 are connected to hosts 110, 120 and the cloudprovider system 104 via a network 102, which may be may be a privatenetwork (e.g., a local area network (LAN), a wide area network (WAN),intranet, or other similar private networks) or a public network (e.g.,the Internet). Each client 160, 170, 190 may be a mobile device, a PDA,a laptop, a desktop computer, or any other computing device. Each host110, 120 may be a server computer system, a desktop computer or anyother computing device. The cloud provider system 104 may include one ormore machines such as server computers, desktop computers, etc.

In one embodiment, the cloud provider system 104 is coupled to a cloudcontroller 108 via the network 102. The cloud controller 108 may resideon one or more machines (e.g., server computers, desktop computers,etc.) and may manage the execution of the Web applications in the cloud130. In one embodiment, the cloud controller 108 receives commands fromPaaS broker server 135. Based on these commands, the cloud controller108 provides data associated with different applications to the cloudprovider system 104.

Some of the clients 160-180 access the Web applications hosted on theVMs 111-122 as users. For example, a Web application can be an onlinesocial network or blog, and a client can log into the social network orblog to update content and generally use the functionality of the Webapplication. In one embodiment, each VM 111-122 is a multi-tenant node,meaning each VM can host multiple Web applications owned or managed bydifferent clients. For example, VM 112 is shown hosting two applicationsof different users or customers, namely, App1 113 and App2 114. A clientmachine, such as client 1 160 can also be used to create and manage Webapplications, such as for example App1 113 hosted by VM 112. As isexplained in more detail below, in one embodiment, client 1 160 may be amachine used by a customer of a PaaS system to create or upload a Webapplication to be hosted by the PaaS system.

The client 160 can include tools 138. Alternatively, tools 138 can beprovided by the PaaS broker server 135, and a user of the client 150 canaccess tools 138 via the browser 161, a command line, or otherinterface. The tools 138 can be used to issue commands that result inthe PaaS broker server 135 creating and managing a Web application onone of the VMs, such as VM1 112, shown as hosting two applications(App1, App2). In one embodiment, the client 160 can also include asource code management (SCM) 139 system, such as Git, to manage versioncontrol and to send code to a remote repository on the host nodes110-120.

In one embodiment, to identify VM1 as the node to create the Webapplication on, the PaaS broker server 135 can communicate with andcollect information from the VMs using a server orchestration system136. In one embodiment, the PaaS broker server 135 maintains applicationinformation 142 about each Web application being hosted on the VMs totrack which VM each application is hosted on. Since each VM hostsmultiple applications belonging to different application owners in amulti-tenant node environment, applications have specific identifiers asthe identifier of the node can correspond to multiple applications.Unique identification of applications, along with sandboxing techniquesincluding security, segregation, and isolation can be used keep eachapplication from accessing or interfering with another application thatmay be managed by a different owner. For example, on Linux-based nodes,SELinux™ security labeling can be used to secure access to theapplications and Linux control groups can be used to segregateapplication into different processing spaces, and kernel namespacing canbe further used to segregate applications. Tools such as Diskquota™ canthen be used to allocate separate resources to the isolatedapplications. Nodes running other operating system environments can useother such sandboxing techniques to segregate and isolate applicationsfrom one another and from the node operating system.

While various embodiments are described in terms of the environmentdescribed above, those skilled in the art will appreciate that thefacility may be implemented in a variety of other environments includinga single, monolithic computer system, as well as various othercombinations of computer systems or similar devices connected in variousways.

FIG. 2A is a block diagram of a PaaS system architecture 200. The PaaSarchitecture 200 allows users to launch software applications in a cloudcomputing environment, such as the could computing environment providedin network architecture 100 described with respect to FIG. 1. The PaaSarchitecture 200, in one embodiment, includes a client layer 210. In oneembodiment, the client layer 210 resides on a client machine, such as aworkstation of the software developer. In another embodiment, the clientlayer 210 resides on a server and is accessible to the client machinevia the browser. The client layer 210 includes a source code managementsystem 212, sometimes referred to as “SCM” or revision control system.

One example of such an SCM or revision control system is Git, availableas open source software. Git, and other such distributed SCM systems,usually include a working directory for making changes, and a localsoftware repository for storing the changes. The packaged softwareapplication can then be “pushed” from the local Git repository to aremote Git repository. From the remote repository, the code may beedited by others with access, or the application may be executed by amachine. Other SCM systems work in a similar manner.

The client layer 210, in one embodiment, also includes a set of commandtools 214 that a user can use to create, launch, and manageapplications. In one embodiment, the command tools 214 can be downloadedand installed on the users's client machine, and can be accessed via acommand line interface or a graphical user interface, or some other typeof interface. In one embodiment, the command tools 214 expose theapplication programming interface (“API”) of the broker layer 220 andperform other applications management task in automated fashion usingother interfaces, as will be described further below in accordance withsome embodiments.

In one embodiment, the broker layer 220 acts as middleware between theclient layer 210 and the node layer 230. The node layer 230 includes thenodes 232 on which software applications are provisioned and executed.In a multi-tenancy cloud hosting environment, each node 232 hostsmultiple applications 242-246 or application components of differentapplication owners (e.g., different customers of the PaaS system). Forexample, one node 232 a, application 242 a and 246 a may have differentowners.

As used herein, an “application owner,” or simply “owner,” is theperson, persons, or entity that creates, operates, and/or manages anapplication. The application owner uses the client layer 210 to interactwith each application owned by the owner on the node layer 230. Theowner is thus the customer of the PaaS system 200. In contrast, a userof the application refers to the end user of the application, i.e., thecustomer of the application. As an example, a social network company canbe the application owner, and a social network member using the socialnetwork application can be the user of the social network application.

Using multi-tenancy to host multiple applications belonging to multipleapplication owners saves resources, as multiple applications can utilizethe operating system, middleware, communications resources, and othershared resources of the node 230. However, hosting multiple applicationsbelonging to different application owners and operators on a single noderesults in various complications that are addressed by the embodimentsset forth herein.

In one embodiment, each node 232 is a virtual machine (VM) provisionedby an Infrastructure as a Service (IaaS) provider, such as Amazon WebServices™. In other embodiments, the nodes 232 can be physical machinesor virtual machines residing on a single physical machine. In oneembodiment, the broker layer 220 is implemented on ore or more machines,such as server computer, desktop computer, etc. In some embodiments, thebroker layer 220 may be implemented on one or more machines separatefrom machines implementing each of the client layer 210 and the nodelayer 230.

In one embodiment, the broker layer 220 includes a broker thatcoordinates some of the requests from the client layer 210 with actionsperformed at the node layer 230. One such request is new applicationcreation. In one embodiment, when a user, using the command tools 214requests the creating of a new application, or some other action tomanage the application, the broker 222 first authenticates the userusing an authentication service 224 such as Streamline™ or some otherauthentication tool. Once the user has been authenticated and allowedaccess to the system, the broker 222 uses a server orchestration system226 to collect information and configuration information about the nodes232.

In one embodiment, the broker 222 uses the Marionette Collective™(“MCollective™”) framework available from Puppet Labs™ to facilitateparallel job execution of the server orchestration system 226. Theserver orchestration system, in one embodiment, functions to coordinateserver-client interaction between multiple—sometimes a large numberof—servers. The servers being orchestrated in one embodiment are thenodes 232, which are acting as application servers and web servers.

For example, if the broker 222 wanted to shut down all applications onall even numbered nodes out of 100,000 nodes, the broker 222 would onlyneed to provide one command to the server orchestration system 226. Theserver orchestration system 226 would—in one embodiment—generate aseparate message to all nodes to shut down applications if the node iseven, and distribute the messages to the nodes using a messaging andqueuing system. Thus, in one embodiment, the broker 222 manages thebusiness logic and model representing the nodes 232 and the applicationsresiding on the nodes, and acts as the controller that generates theactions requested by users via the client tools 214 API. The serverorchestration system 226 then takes those actions generated by thebroker 222 and orchestrates their execution on the many nodes 232managed by the system.

In one embodiment, the information collected about the nodes 232 can bestored in a data store 228. In one embodiment, the data store 228 can bea locally hosted database or file store, or it can be a cloud basedstorage service provided by a SaaS storage provider, such as Amazon™ S3™(Simple Storage Service™). The broker 22 then uses the information aboutthe nodes 232 and their applications to model the application hostingservice and to maintain records about the nodes. In one embodiment, nodedata is stored in the form of a JavaScript Object Notation (JSON) blobor string that maintains key-value pairs to associate a uniqueidentifier, a hostname, a list of applications, and other suchattributes with the node.

Another embodiment of node architecture for nodes 232 is now describedwith reference to FIG. 2B. In one embodiment, nodes 232—which arevirtual machines of a cloud-based IaaS environment—can be furthersubdivided into resource pools. For example, node 232 x is shown to havethree resource pools 261-263. Other embodiments can have any othernumber of resource pools per node, and the number of resource pools canvary between different nodes and implementations.

Each node 232 is allocated a certain amount of hardware and middlewareresources, such as memory, processing cycles, communications, messaging,and other such provisions to implement a virtual machine. Each node 232also has a node operating system 255 to manage and use those allocatedresources. In one embodiment, a resource pool is a further division ofthose allocated resources into distinct and separate groups. As usedherein, a resource pool refers to a collection of VM/node resources—suchas processing cycles, memory, and middleware—that are districted awayfrom other VM resources. In some embodiments, a resource pool includes asoftware cartridge that acts as middleware for an application component(for example, JBoss for an application server component of a compositeapplication). The resource pools can be managed by the node operatingsystem 255.

In one embodiment, the resource pools are segregated from each other, sothat each resource pool accesses common node resources as if it were theonly resource pool on the node. This allows multiple resource pools toshare some node resources (such as an HTTP server and the underlyingnode operating system). In one embodiment using a Linux-based node,resource pools are segregated from each other using SELinux™ securitylabeling, Linux control groups, and kernel namespacing, as describedabove. Nodes running other operating system environments can use othersuch sandboxing techniques to segregate and isolate resource pools fromone another and from the node operating system. Communications betweenthe broker 222 and the nodes 232 can be coordinated by an agent 250 of aserver orchestration system or other messaging platform, as describedfurther below.

In one embodiment, applications are not only associated with a node 232and a software repository on the node, but with a resource pool. In oneembodiment, one resource pool contains only one application, or multipleapplications owned by the same client. In such an embodiment, theresource pools are used as the security and segregation container toimplement multi-tenancy.

In yet other embodiments, the applications hosted by the PaaS systeminclude composite n-tier Web applications that have several separatecomponents, such as a Web server, and application server, and adatabase, all implemented separately. In such an embodiment, eachapplication component can be provided a different resource pool,although several application components owned by the same applicationowner can reside in the same resource pool.

For example, node 232 y is shown as having three resource pools 264-266.Each resource pool is hosting an application component 274-277. Resourcepools 264 and 266 host one application component each, applicationscomponents 274 and 277 respectively. Resource pool 265 is hosting twoseparate application components 265, 276. In one embodiment, the twoseparate application components 265, 276 being hosted by resource pool265 are components of the same composite application, but in otherembodiments, they may be components of different applications owned bythe same application owner (PaaS customer), or two differentapplications owned by the same application owner.

In one embodiment, different components of one composite application canbe hosted by different resource pools. For example, applicationcomponent 271 and application component 272—hosted by resource pool 261and resource pool 262 respectively—can be two components of the samecomposite application. In one embodiment, different components of onecomposite application can further be hosted by different resource poolsresiding on different nodes 232. For example, application component 271and application component 277—hosted by resource pool 261 of node 232 xand resource pool 266 of node 232 y respectively—can be two componentsof the same composite application.

While much of the discussion herein is set forth in terms ofapplications—as a whole—for simplicity, many facets, techniques,implementations, and embodiments can be applied to applicationcomponents without loss of generality. For example, when determiningwhich node of the PaaS system to select to host an application asdescribed further below, the same or similar methodologies and systemscan be used to determine which node of the PaaS system to select to hostan application component. By way of another example, communications andinterfaces between the client layer and applications described furtherbelow, are equally applicable to application components instead ofapplications. Thus, as used herein throughout, the terms “application”and “application component” can be used interchangeably whereappropriate.

One embodiment of the interaction between the server orchestrationsystem 226 and the nodes 232 is now described in more detail withreference to FIG. 3A. Each node, which in one embodiment is implementedas a virtual machine, has an operating system 310 that can executeapplications (e.g., applications with source code stored in the varioussoftware repositories 308 resident on the node 232). In one embodiment,each repository is associated with a resource pool. In other words, aresource pool contains an application cartridge including middlewarespecific to an application hosted in the repository contained in theresource pool. A resource pool, in one embodiment, can be conceptualizedas a security-segregated and resource-constrained container configuredto host an application cartridge (middleware and/or runtime environment)and an application or application component.

For a composite application, the components of the application can bespread out over multiple resource pools. In such an embodiment, one ofthe resource pools acts as the interface front end of a distributedrepository. Thus, one resource pool will contain the main repositorythat is aware of the current location of all the distributedrepositories in other resource pools. When such components or resourcepools are relocated, the main repository can be updated by its nodeusing information provided by the broker or its server orchestrationsystem 226 that it collects from these other nodes.

The nodes also include an agent 312 configured to track and collectinformation about the nodes 232 and to perform actions on the node.Thus, in one embodiment using MCollective for the server orchestrationsystem, the agents 312 can act as MCollective servers. The serverorchestration system 226 would then act as the MCollective client thatcan send requests, queries, and commands to the agents 312. The agent312 collects information about the node on which it resides.

In server management terminology, such information is referred to as“facts.” For example, one fact is which operating system is installed onthe node. Facts are generally stored as key:value pairs, such as“Kernel:Linux,” “Hostname:Server1422,” IP Address:23.43.65.676.” Theserver orchestration system 226 allows the agents to gather informationabout facts not originally intended. Such extensions are referred to as“custom facts.”

In some cloud platform systems, each new application owned by adifferent owner or customer is given its own node, meaning a new virtualmachine is created for such an application. However, in a multi-tenancyplatform system, one node can host multiple—even hundreds ofapplications owned by potentially hundreds of different applicationowners or customers. In one embodiment, the PaaS system of FIG. 3A is amulti-tenant PaaS environment. Thus each node 232 runs multipleapplications 235 that may be owned or managed by different users and/ororganizations. As such, a first customer's deployed applications mayco-exist with any other customer's deployed applications on the samenode (VM), and multiple software repositories can exist on the samenode.

In one embodiment, the agent 312 is configured to maintain a custom factto track the number of software repositories on the node. For example,the name of the custom fact can be “Repos,” and its current integervalue, such as 30, would indicate 30 repositories each containing a Webapplication or a component of a Web application, being hosted on thenode 232. This is not the type of standard fact maintained by a serverorchestration system, such as CPU usage and memory usage. Furthermore,since in a single tenant hosting environment the application owner wouldbe aware of the number of applications and application component it ownsand manages, such a custom fact would be unnecessary in anon-multi-tenancy application hosting environment. In one embodiment,the number of repositories being hosted on a node can be used as afactor when determining the capacity of a node to host additionalapplications or application components.

In one embodiment, the agent 312 periodically queries the node 232, forexample the operating system 310, to determine the number of softwarerepositories 308 and updates a custom fact with the identified number ofrepositories. In another embodiment, the agent 312 can track applicationcreation and destruction to track changes in the number of softwarerepositories (e.g., if a software repository is created in response toapplication creation or removed in response to application destruction)and update the corresponding custom fact accordingly.

In one embodiment, the agent 312 is configured to maintain a custom factto track the number of resource pools instantiated on the node. Forexample, the name of the custom fact can be “Resource Pools,” and itscurrent integer value, such as 10, would indicate 10 resource pools—eachcontaining a Web application, a component of a Web application, orseveral applications or components owned by one owner—being instantiatedon the node 232. Since in a single tenant hosting environmentapplications would not be segregated into resource pools, such a customfact would not make sense in a non-multi-tenancy application hostingenvironment that does not implement resource pools. In one embodiment,the number of resource pools being instantiated on a node can be used asa factor when determining the capacity of a node to host additionalapplications or application components in either existing or newresource pools.

In one embodiment, the agent 312 periodically queries the node 232, forexample the operating system 310, to determine the number of softwareresource pools and updates a custom fact with the identified number ofresource pools. In another embodiment, the agent 312 can track resourcepool creation and destruction to track changes in the number of resourcepools, and update the corresponding custom fact accordingly.

In one embodiment, the applications or application components residingin the software repositories contained in the resource pools are eitherexecuting or not. For example, an application may currently be stoppedby its owner, or the application may not have been started yet. In oneembodiment, the agent 312 is also configured to track the number ofactive applications 304, which can be defined as the applications thatare currently executing, and thus consuming more resources than theapplications that are not executing. The number of active application304 can also be tracked as a custom fact. Yet another custom fact can bethe number of idle applications 306. Several embodiments of idleapplications are described below with reference to FIG. 3B and FIG. 3C.

Another view of a node is shown as node 232 d. Node 232 shows multipleWeb applications (App1-App4) residing on the node 232 d. Eachapplication resides in an SCM repository, Repo1-Repo4, respectively.Thus, the agent 312 d would discover four repositories on the node 232 dand maintain that number as a custom fact. As an example, App1 may bestopped by a user, or never started, App2 and App3 may be activeexecuting Web applications that are executing in two separate threads inthe operating system 310 d, and App4 may be an idle Web application thatis not currently executing due to low or no application usage. In thisexample, the custom fact representing active applications would be two,and the custom fact representing idle applications would be one. Customfacts can be defined using a utility program, such as Facter, andcollected by running scripts on the node accessible to the nodeoperating system. For example, a script can define a Facter custom factof git_repos and count the number or .git files in the directory of thehost VM to populate the custom fact. Similarly, scripts can countapplications having certain states in the node directory (e.g., active,idle, stopped) to determine custom facts for the number of activeapplications, idle applications, and the node capacity, as discussedfurther below.

As set forth above, the number of idle application on a node can bemaintained, tracked, or determined, and stored, for example, as a customfact. In one embodiment, an idle application is an application hosted onthe node that has been started at some point by its owner, and eventhough the application has not been shut down by its owner, its lowusage—by the end users of the application, by the owner, or both—doesnot justify the resources used to keep the application running. Suchapplications can be idled. In one embodiment an idled application isshut down to keep it from consuming node resources, but provisions aremade to ensure that if a user accesses the application over theinternet—for example a reader of a blog requests the website of theblog, or a member of a social network logs into their profile—theapplication is restarted in a manner transparent to the user.

One embodiment of implementing idling an application hosted on a node ofthe PaaS system is now described with reference to FIG. 3B. FIG. 3B is ablock diagram illustrating a node 232 of the PaaS system and a reverseproxy 320 used, in part, to implement multi-tenancy on the node 232. Asset forth above, the node includes several applications 341, 343, 345being hosted on the node 232. In one embodiment, each application is aWeb application and includes a Web server 342, 344, 346, respectively,to handle Web requests bound for each application. The node 232 alsoincludes an agent 312, to allow the broker layer to manage the node 232,and an operating system (not shown).

In one embodiment, each node of the PaaS system has an associatedreverse proxy server 320 that is responsible for monitoring applicationsrunning on the node and detecting when any of these applications becomeidle and/or when any of the idle applications should be reactivated. Theassociated reverse proxy server 320 can be implemented on the same VM asthe node, or on a different VM than the node (as shown in FIG. 3B),which may in turn be hosted by the same physical machine as the node ora different physical machine then the node. In one embodiment, thereverse proxy 320 implements virtual name hosting 324 to providemulti-tenancy support to the node 232. By providing a virtual namehosting module 324, multiple applications having different URLs (e.g.,application 341 www.blogsrus.com and application 343 www.mycarclub.com)can be hosted on a node 232 having a single internet protocol (IP)address.

When Web requests 322 bound for an application (e.g., application 343the Car Club site) arrive at the reverse proxy 320, they are redirectedto application 343 according to the configuration of the virtual namehosting module 324. In one embodiment, the reverse proxy 320 includes atimer 326 that tracks one or more usage and/or access statistics foreach application and triggers certain actions when minimum usagethresholds for the access statistics are not met. For example, the timer326 may be set to time out if an application is received no HTTPrequests from a user over the Internet for a week and the owner has notlogged in to manage the application in over two weeks. For example, thecar club application 343 may not have anyone visiting the site in over aweek and/or its owner may have lost interest in managing the car clubwebsite.

In one embodiment, when the timer 326 times out or otherwise indicatesthat an action is needed, the timer 326 alerts an idler 328 of thereverse proxy 320 of which application met or exceeded an idlingcondition threshold. The idler 328, in response to the information fromthe timer 326, then proceeds to idle the identified application. In oneembodiment, the idler 328 can be implemented as a script or other coderesiding on the reverse proxy, but the idler can reside elsewhere. Thetimer 328 and the idler 326 can be implemented as a single module or asseparate modules, such as in FIG. 3B. Several embodiments of processingperformed by the idler 328 to idle an application will be described inmore detail below with reference to FIG. 3C.

In one embodiment, the reverse proxy 320 also includes a restartermodule 330 to transparently restart an idle application. Various actionsor triggers can activate the restarter 330. For example, in oneembodiment, receiving an HTTP request 322 from a user of the idleapplication over the internet causes the restarter 330 to restart theapplication and to provide the functionality of the application to theuser as if the application was always executing. Several embodiments ofprocessing performed by the restarter 330 to restart an application willbe described in more detail below with reference to FIG. 3D.

FIG. 3C is a flow diagram illustrating a method 350 for idling anapplication hosted on a node of a PaaS system according to an embodimentof the invention. Method 350 may be performed by processing logic thatmay comprise hardware (e.g., circuitry, dedicated logic, programmablelogic, microcode, etc.), software (such as instructions run on aprocessing device), firmware, or a combination thereof. In oneembodiment, method 350 is performed by the reverse proxy 320 and theidler module 328 of FIG. 3C.

Method 350 begins at block 352 with the observation that some thresholdperiod of time has elapsed without an access to one of the Webapplication hosted on one or more of the nodes of the PaaS system. Inother embodiments, even if some access has occurred within the timeoutwindow, if a minimum level of access is not maintained, the thresholdfor insufficient access can be triggered. In one embodiment, useraccesses to the Web application in the form of HTTP requests to theWebsite are monitored for access, and a lack of HTTP requests targetingthe application within some threshold time period trigger idling. Inother embodiments, git push commands, git commits, or other accesses bythe owner are also monitored for sufficient volume of access.

Both the threshold time period and the minimum usage required can vary,and can depend on multiple factors. In one embodiment, both can beconfigured by administrators of the PaaS system. One example policy canbe to idle any Ruby Web application that has not received an HTTPrequest in 5 days, unless the owner of the application uploaded new codeto the repository within the last week. The logs of the code repositorycan be examined to determine the timing of commits and push operations.The timer 326 can monitor the HTTP requests received at the reverseproxy 320 to trigger idling events. Various other idling policies arepossible.

At block 354, the application is shut down in response to the elapsedthreshold observation. In embodiment, the timer 326 signals the idler328 that an application should be idled in response to having triggeredan idling policy. The idler, in one embodiment, instructs the agent 312of the node associated with the reverse proxy 320 to shut down theapplication. In other embodiments, the idler can communicate with thenode operating system directly to shut down the target application. Theapplication can be shut down in the normal manner, as if the instructionto shut down or stop the application came from the client layer (e.g.,the owner of the application shutting down the application) or thebroker layer. In one embodiment, the state of the application is savedby the node, and this state can be accessed when restarting the idleapplication.

At block 356 the state of the application is changed from active toidle. The state information about the application can be maintained bythe reverse proxy 320, by the node as an application attribute, as acustom fact, or all of the above. In one embodiment, the node—forexample the agent 312—maintains a custom fact about the number of idleapplications, as set forth above. Such custom fact can be updated usingthe changed status of the application being idled.

At block 358, the reverse proxy 320 is reconfigured to point incomingrequests and accesses (such as HTTP requests) to the restarter 330, orother such module whose purpose is to restart an idling application. Therestarter 330 can be a script, and, in one embodiment, a pointer to therestarter script can replace the pointer to the Web server of the targetapplication in the virtual name hosting module 324. Thus, for an idleapplication, accesses to the application are not provided to theapplication—since it is not running—but instead are provided to arestarter.

FIG. 3D is a flow diagram illustrating a method 360 for restarting anapplication hosted on a node of a PaaS system according to an embodimentof the invention. Method 360 may be performed by processing logic thatmay comprise hardware (e.g., circuitry, dedicated logic, programmablelogic, microcode, etc.), software (such as instructions run on aprocessing device), firmware, or a combination thereof. In oneembodiment, method 360 is performed by the reverse proxy 320 and therestarter module 330 of FIG. 3C.

Method 360 begins at block 362 with receiving a request—such as an HTTPrequest—at the reverse proxy that is an access to the idle applicationand addressed to the idle application. Since the application is idle,the reverse proxy 320 is configured to redirect requests bound for theapplication to the restarter 330. In response to receiving the request,the restarter 330, at block 364 starts up the application and changesthe state of the application back from idle to active. In oneembodiment, the restarter can instruct the agent 312 of the node tostart running the application, or can effect the starting of theapplication directly with the node operating system using variousinterprocess communication and task automation techniques. Any savedapplication state information can be accessed by the node to return theapplication to the state it was in when idled.

As discussed above, the current state of each application can bemaintained by the reverse proxy, the node, or both. In one embodiment,the restarter also causes an update to the status of the applicationback to “active.” Such update can further cause an update to the customfact tracking the number of idle or active applications that ismaintained, in one embodiment, by the agent of the node.

At block 366, the reverse proxy is reconfigured to point the virtualname hosting module back to the restarted application instead of therestarter. Thus, future HTTP requests and other accesses to therestarted application will once again be redirected to the application.Then, at block 368, the client machine of the user that originated therequest (e.g., a visitor to the Website powered by the application) isprompted to resend the original HTTP request that was received in block362. In one embodiment, this is done by the restarter script sending aredirect to the reverse proxy itself in response to the received HTTPrequest.

In this manner, and according to other such embodiments, applicationsthat are not being used or accessed enough can be shut down to preservenode resources, but in a manner that is transparent to the users andowners of the application. Such application idling capability isespecially valuable in a multi-tenancy node environment, because a nodecan host many applications or application components many of which maynever be accessed, be accessed only infrequently, or left abandonedafter some time.

As set forth above, when referring to an application herein, a similarprocess can be implemented to apply to a component of an n-tiercomposite application. For example, for the idling processing, it maynot be an entire application that becomes underutilized. Rather it maybe a component of a composite application that is contained in adifferent resource pool from that is not meeting minimum usagethresholds. For example, users may be interacting with a website, butnot saving any data or creating accounts, thus resulting in an activeWeb server, but an idle database executing in a different resource pool.In such an embodiment, the database server can be idled according to theprocessing described above, with the application component being treatedas the application.

FIG. 4 is a flow diagram illustrating a method 400 for tracking variouscustom facts on a node according to an embodiment of the invention.Method 400 may be performed by processing logic that may comprisehardware (e.g., circuitry, dedicated logic, programmable logic,microcode, etc.), software (such as instructions run on a processingdevice), firmware, or a combination thereof. In one embodiment, method400 is performed by the agent 312 of FIG. 3.

Method 400 begins at block 410 with tracking the number of softwarerepositories on the node. In one embodiment, whenever a softwareapplication is created, deleted, or undergoes state change (e.g., activeto idle), instruction to perform the specified action is distributedusing the message broker of the server orchestration system. In anotherembodiment, the agent can periodically discover the number of softwarerepositories on a node.

In one embodiment, a software repository is a data structure thatcontains source code for an application, various files and directoriesused by the application, and a historical record of changes in therepository and other such revision control items. Software repositoriescan also include various security and completeness checks, such asdigital signatures to authenticate the repository and checksums toensure completeness of the repository. To discover the number ofsoftware repositories on a node, in one embodiment, the agent can querythe operating system of the node about the number of softwarerepositories currently resident on the node (e.g., using a utility suchas Facter™ available from Puppet Labs™ to communicate with the operatingsystem) and can store this information as one of the facts. The agentcan then retrieve and manage the custom facts described herein, such asthe number of software repositories being hosted on the node.

At block 415, the number of resource pools is tracked. In someembodiments, each resource pool hosts only one repository. In suchembodiments, the number of resource pools will equal the number ofsoftware repositories. However, in other embodiments, a resource poolcan host multiple repositories that may have some connection, such asbeing managed by the same owner and being different components of onecomposite application.

In block 420, a determination is made as to which software repositoriescontain active applications. In one embodiment, active applications areall applications that have been started by their owners and that havenot been stopped. Since, in one embodiment, “start” and “stop” commandsinvolve application state changes that pass though the agent, the agentcan track the number of active applications by incrementing the activeapplication count whenever an application is started and decrementing itwhenever an application is stopped.

In another embodiment, as set forth above, applications may also be idlewithout intervention of the owner of the application. In such anembodiment, the agent can be configured to receive a notificationwhenever an application starts idling and is reactivated. For example,the agent can subscribe to notifications for changes in the status ofapplications—e.g., from active to idle—or can maintain an applicationstatus indicator itself. In one embodiment, each time an applicationbegins to idle, the active application count can be decremented, andevery time an idle application is reactivated, the active applicationcount can be incremented.

In one embodiment, the capacity of the node to host additionalapplications or application components is calculated in block 430 andalso stored as a custom fact. The capacity of a node is its capacity tohost additional applications or application components. A newapplication or component may be hosted in a new or unallocated resourcepool. Furthermore, in some embodiment, a new application or applicationcomponent can be hosted in an existing resource pool as long as theresource pool has the capacity and hosts applications and componentsowned by the same application owner.

As the multiple applications of a multi-tenant node increase in number,they use more of the resources of the node, thereby decreasing thecapacity of the node to host more applications. At some point, the nodewill be operating at full capacity, which can be defined by asignificant deterioration in the performance of the hosted applicationswere additional applications added. Various embodiments for calculatingthe capacity of the node will be described in detail further below. Forexample, the capacity of a node can be calculated using the number ofrepositories as an indication of the node's ability to host additionalapplications.

As mentioned above, the various custom facts described are maintained bythe agent—including but not limited to the number of softwarerepositories, the number of active applications, the number of idleapplications, and the capacity of the node. At block 440, the agentupdates the custom facts with the most recent values determined asdiscussed above. The custom facts maintained by the agent can be used ina number of ways to support various platform operations. For example, asdescribed further below, the number of software repositories, the numberof resource pools, the number of active applications, the number of idleapplications, and the capacity of the node, can all be used whenselecting a node on which a new application or application component isto be hosted from a set of available nodes that already host otherapplications in a multi-tenant environment.

As discussed above, a user may request to create a new application(e.g., using the command tools 214). One embodiment of creating a newapplication is now described with reference to FIG. 5. FIG. 5 is a flowdiagram illustrating a method 500 for selecting a node from a number oravailable nodes on which to create a new application according to anembodiment of the invention. Method 500 may be performed by processinglogic that may comprise hardware (e.g., circuitry, dedicated logic,programmable logic, microcode, etc.), software (such as instructions runon a processing device), firmware, or a combination thereof. In oneembodiment, method 500 is performed by the broker 222 of FIG. 2.

Method 500 begins at block 510 where a request to create a newapplication or application component is received from the client layer.As explained above, in some cloud platform systems, each new applicationof a different owner or customer is given its own node, meaning a newvirtual machine is created for each such application. However, in amulti-tenancy platform system, one node can host multiple—even hundredsof applications owned by different Paas customers and/or organizations.In one embodiment, the PaaS system of FIG. 2 is a multi-tenant PaaSenvironment. Thus each node 232 runs multiple applications 235 that maybe owned or managed by different users and/or organizations. As such, afirst customer's deployed applications may co-exist with any othercustomer's deployed applications on the same node (VM).

At block 520, the request to create the new application is parsed toextract any application attributes included in the request. Oneapplication attribute can be a software type of the application, such asPHP, Ruby, JBoss, JavaSript, and other such high-level languages inwhich applications are developed. In one embodiment, the number ofdifferent types of applications can be stored and updated as a customfact, as explained above.

Another possible application attribute can be application size. This canbe measured in terms of sheer memory used by the application code, or bythe anticipated memory footprint of the application. The memoryfootprint of the application refers to the memory used or referenced bythe application during execution. In one embodiment, the applicationsize is user selectable from a list of two (e.g., “small” or “large”) orthree (“e.g., “small” “medium” or “large”) options. In one embodiment,the number of applications of various sizes can be stored and updated asa custom fact, as explained above. Furthermore, whether the node isconfigured to host small or large applications can also be stored andmaintained as a custom fact, as explained above.

Another possible application attribute can be geographic or networklocation. This can be a logical zoning, districting, or other suchpartitioning of the node farm into various classifications or districts.For example, different clouds can be classified as different districts.Similarly, nodes residing on servers in different physical geographicareas (e.g., Japan) can be classified as different districts. Thus, aGerman social network application may be hosted on a node farm in Europeto optimize network bandwidth and latency. In one embodiment, districtto which each node belongs can be stored and updated as a custom fact,as explained above.

At block 530, the set of available nodes on which the new applicationcan be created is discovered using the extracted application attributes(e.g., available nodes hosting middleware to be used by the newapplication). For example, if the new application to be created is a PHPapplication, then nodes that have PHP installed are discovered. Inanother embodiment, if a new application or component is to be includedin a resource pool that already contains an application or component,then nodes are filtered to include only nodes containing resource poolsowned by the PaaS customer requesting the new application. If noappropriate node is discovered, then a new node can be dynamicallycreated using the cloud IaaS provider and configured according to theneeds of the new application or component.

According to another example, the new application requested can be alarge Ruby application. In such a case, in block 530, nodes configuredfor large applications and with a Ruby interpreter installed would bediscovered and identified to the broker. The size of the application(i.e., large, medium, small) can be measured by the language/IDE used,by the application type/function, by the size of the code, or by othersuch means. For example, a PHP application that returns a weather codeor stock quote can be a small application, whereas a JBoss applicationwith database backend can be a large application. The broker may performadditional filtering based on node attributes instead of applicationattributes. For example, the broker might filter the set of availablenodes to include only nodes in a certain geographic region (e.g., Japan)or only nodes belonging to some logical or geographical organization ofnodes. In yet other embodiments, the filtering may be to exclude nodesthat already host an application, component, or resource pool managed bythe requesting owner, in order to spread the risk of node failure amongmultiple PaaS system customers.

In one embodiment, the broker uses the server orchestration system 226to discover the nodes on which the new application can be hosted. Thisis one example of using the facts maintained by the agents on thenode—including the custom facts—by the broker layer. In the exampleabove, large Ruby applications are discovered by the broker requestingthe information from the server orchestration system 226. The serverorchestration system 226 then sends a query to all nodes to respond ifthey satisfy the filter criteria, based on their custom facts.

In block 540, the current capacity on the discovered nodes isdetermined. A node with more capacity has more unused resources, and canthus be a more desirable location for creating a new application.Various processes for determining node capacity will be described inmore detail further below. In one embodiment, the node capacity iscalculated by the broker 222 based on gathered information, but it canbe pre-computed on the nodes, and gathered by the broker 222 as one ofthe pieces of information.

In the embodiment described above, the processing described withreference to blocks 530 and 540, is performed dynamically, with livediscovery of available nodes over the network and the dynamiccalculation of the capacity of each discovered node. However, in anotherembodiment, information about the nodes and the applications residing onthe nodes is stored in a data store accessible by the broker. Suchinformation about the nodes can include the pre-calculated capacity ofeach node. Thus, in one embodiment, block 530 is performed by accessinginformation about nodes in the data store and block 540 is performed byretrieving the capacity of the identified nodes from the data store.

At block 550, the broker instructs the node having the most capacity tocreate the new application or application component. In one embodiment,the node having the most capacity includes one or more applications orapplication components of PaaS customers other than the owner of the newapplication. In one embodiment, the broker can send an instruction tothe selected node using the server orchestration tool. In otherembodiments, the broker can access the selected node directly toinstruct the creating of a new application. If no appropriate node islocated at block 530, or all discovered nodes are determined to be atfull capacity at block 540, then a new node can be created, that isappropriate for the new application based on the application attributes

In one embodiment, in response to the instruction sent to the selectednode to create the new application, the node creates a new softwarerepository on the identified node and populates the software repositorywith a template application. The node layer then uses a Domain NameSystem (DNS) to assign a host name to the application, and returns anapplication host name to the broker. The broker then can generate aunique system identifier and associate it with the host name of theapplication.

At block 560, the broker identifies the node selected for the newapplication to the client layer. This can be done by sending the hostname of the application to the client tools to be presented to the user.The broker can also send the unique application identifier to the clienttools. In one embodiment, the client can then pull the new softwarerepository to the client machine to synchronize the local softwarerepository on the client machine with the new software repository on thenode.

Revisions to the application can then be pushed directly from the clientlayer (local SCM repository) to the node on which the applicationresides (remote repository). Since the application is secured andsegregated on the node, such SCM push actions can identify theapplication or its resource pool by using a unique ID (UUID) assigned tothe application by the broker and a secure channel interface (such asSSL) to log into the application being managed by the application owner.Thus, the local SCM can log into the node and because of the securityand segregation features of multi-tenancy (such as kernel namespacingand the individual process space allotted to the resource poolcontaining the local repository), be only given access to the remoterepository associated with the local repository managed by the owner.

As set forth above, in a multi-tenant cloud PaaS system, a concept ofthe capacity of a node to host additional applications can be helpful toidentify which node to select for the creation of a new application inresponse to a request from the client layer. By hosting multipleapplications of different application owners on nodes, a new node needonly be instantiated when no current node exists with the appropriateconfiguration and the capacity to host a new application. Severalembodiments of determining node capacity in a multi-tenant couldplatform are now described with reference to FIG. 6. The processingdescribed with reference to FIG. 6 is, in one embodiment, a moredetailed explanation of block 540 of FIG. 5 that can be performed oneach discovered node.

FIG. 6 is a flow diagram illustrating a method 600 for determining thecapacity of a node according to an embodiment of the invention. Method600 may be performed by processing logic that may comprise hardware(e.g., circuitry, dedicated logic, programmable logic, microcode, etc.),software (such as instructions run on a processing device), firmware, ora combination thereof. In one embodiment, method 600 is performed by thebroker 222 of FIG. 2 or the agent of FIG. 3A.

Method 600 begins at block 610 where the number of software repositorieson a node is determined. In one embodiment, each application residing onthe node is associated with one software repository designated to thisapplication. In such an embodiment, the number of software repositoriescan act as a proxy measurement for the number of resident applications.Similarly, in one embodiment, repository is associated with a resourcepool and the number of software repositories can act as a proxymeasurement for the number of resource pools on the node, or vice versa.

However, in other embodiments, one application can be hosted by multipledistributed software repositories, so the number of softwarerepositories is not necessarily the same as the number of applicationsresident on the node. However, in such embodiments, individualapplication components can be counted as applications, such as the Webserver of a composite application.

In one embodiment, the number of software repositories resident on thenode can be determined by querying the node itself, or a manager systemthat manages the node, such as the node operating system, or a nodeagent that maintains facts about the node. For example, in oneembodiment the broker 222 can use the server orchestration system 226 toquery the agents 312 as to their current custom fact related to thenumber of software repositories, as described above with reference toFIG. 3A. In another embodiment, the broker maintains a record in thedata store for each node and the number of software repositories on eachnode, and can retrieve this information without querying the nodes. Insuch an embodiment, the data store maintained by the broker would beperiodically updated by the agent.

At block 620, each repository is weighted based on software type, suchas PHP, Ruby, JBoss, ect, as discussed above. Some programming languageshave larger memory footprints and/or other resource utilization thanothers. For example, the weight of PHP applications may be 1 and theweight of a JBoss application may be 1.5 to account for the largeramount of node resources expectedly utilized by the JBoss application.If a node hosts only applications of one software type, or softwaretypes with similar resource utilization, then block 620 can be omitted.In other embodiments, block 620 is optional even if applications withdifferent resource utilization footprints reside on the node.

At block 630, each repository is weighted based on application size asdiscussed above. In one embodiment, nodes are configured to hostapplications of a certain size. For example, a “large” node would beconfigured to host a small number (e.g., 10) of large applications,while a “small” node would be configured to host a larger number (e.g.,100) of small applications. If a node hosts only applications of onesize, then block 630 can be omitted.

However, in one embodiment, a node is allowed to host applications ofdifferent sizes. In such an embodiment for example, the weight of smallapplications may be 1 and the weight of large applications may be 10 toaccount for the larger amount of node resources expectedly utilized bythe large applications. In other embodiments, block 630 is optional evenif applications of different sizes reside on the node.

At block 640, the current node utilization is determined by summing theweighted repositories. In embodiments where blocks 620 and 630 wereomitted, at block 640 the actual number of software repositoriesdetermined in block 610 is unchanged as the sum is not weighted.

At block 650, the maximum node utilization is determined. The maximumnode utilization can be configured by a PaaS administrator. The maximumnode utilization can be expressed, in one embodiment, as the maximumnumber of software repositories that is allowed to reside on the node.In another embodiment, the maximum node utilization can be expressed, asthe maximum number of weighted software repositories that is allowed toreside on the node. In one embodiment, the maximum node utilization canbe determined by querying the node itself (it can be stored as a customfact for example), or a manager system that manages the node. In anotherembodiment, the broker maintains a record in the data store for eachnode and the maximum node utilization of each node, and can retrievethis information without querying the nodes.

At block 660, the current node capacity is determined by subtracting thecurrent node utilization from the maximum node utilization. Thus, ahigher capacity indicates more available and unused node resources.However, in other embodiments other formulas can be used to similareffect. For example, the current node utilization can be divided by themaximum node capacity to express the current node capacity as apercentage.

One illustrative example is as follows. A node currently has 25 residentsoftware repositories. 19 are PHP applications and 6 are JBossapplications. JBoss is weighed as 1.5 PHP applications. Thus, thecurrent utilization is (19*1)+(6*1.5)=28. If the maximum node capacityis 50 software repositories, than the current capacity is 50−28=22. Thenew application can then be chosen to reside on the node with the mostcurrent capacity, as described with reference to FIG. 5.

A similar schema to determine node capacity according to anotherembodiment is now described with reference to FIG. 7. The processingdescribed with reference to FIG. 7 is, in one embodiment, a moredetailed explanation of block 540 of FIG. 5 that can be performed oneach discovered node.

FIG. 7 is a flow diagram illustrating a method 700 for determining thecapacity of a node according to an embodiment of the invention. Method700 may be performed by processing logic that may comprise hardware(e.g., circuitry, dedicated logic, programmable logic, microcode, etc.),software (such as instructions run on a processing device), firmware, ora combination thereof. In one embodiment, method 400 is performed by thebroker 222 of FIG. 2 or the agent of FIG. 3A.

Method 700 begins at block 710 where the number of active applicationson the node is determined. As explained above, in one embodiment, someapplications may be stopped by their owners or may be idling due to lowactivity or persistent inactivity. Thus, the number of activeapplication can be determined as the number of applications orapplication components hosted on the node, minus the applications thatare not running (e.g., stopped or never started) and idling. In oneembodiment, the number of active applications on the node can bedetermined by querying the node itself, or a manager system that managesthe node. For example, in one embodiment the broker 222 can use theserver orchestration system 226 to query the agents 312 as to theircurrent custom fact related to the number of active applications, asdescribed above with reference to FIG. 3. In another embodiment, thebroker maintains a record in the data store for each node and the numberof active applications from when the node was last queried, and canretrieve this information without querying the nodes.

At block 720, each active application is weighted based on softwaretype, such as PHP, Ruby, JBoss, ect, as discussed above. If a node hostsonly applications of one software type, or software types with similarresource utilization, then block 720 can be omitted. In otherembodiments, block 720 is optional even if applications with differentresource utilization footprints reside on the node.

At block 730, each active application is weighted based on applicationsize as discussed above. If a node hosts only applications of one size,then block 730 can be omitted. However, in one embodiment, a node isallowed to host applications of different sizes. In such an embodimentfor example, the weight of small applications may be 1 and the weight oflarge applications may be 10 to account for the larger amount of noderesources expectedly utilized by the large applications. In otherembodiments, block 730 is optional even if applications of differentsizes reside on the node.

At block 740, the current node utilization is determined by summing theweighted active applications. In embodiments where blocks 720 and 730were omitted, at block 740 the actual number of active applicationsdetermined in block 710 is unchanged as the sum is not weighted.

At block 750, the maximum node utilization is determined. The maximumnode utilization can be expressed, in one embodiment, as the maximumnumber of active applications that is allowed to reside on the node. Inanother embodiment, the maximum node utilization can be expressed, asthe maximum number of weighted active applications that is allowed toreside on the node. In one embodiment, the maximum node utilization canbe determined by querying the node itself (it can be stored as a customfact for example), or a manager system that manages the node. In anotherembodiment, the broker maintains a record in the data store for eachnode and the maximum node utilization of each node, and can retrievethis information without querying the nodes.

At block 760, the current node capacity is determined by subtracting thecurrent node utilization from the maximum node utilization. Thus, ahigher capacity indicates more available and unused node resources.However, in other embodiments other formulas can be used to similareffect. For example, the current node utilization can be divided by themaximum node capacity to express the current node capacity as apercentage. The new application can then be chosen to reside on the nodewith the most current capacity, as described with reference to FIG. 5.

FIG. 8 illustrates a diagrammatic representation of a machine in theexemplary form of a computer system 800 within which a set ofinstructions, for causing the machine to perform any one or more of themethodologies discussed herein, may be executed. In alternativeembodiments, the machine may be connected (e.g., networked) to othermachines in a LAN, an intranet, an extranet, or the Internet. Themachine may operate in the capacity of a server or a client machine in aclient-server network environment, or as a peer machine in apeer-to-peer (or distributed) network environment. The machine may be apersonal computer (PC), a tablet PC, a set-top box (STB), a PersonalDigital Assistant (PDA), a cellular telephone, a web appliance, aserver, a network router, switch or bridge, or any machine capable ofexecuting a set of instructions (sequential or otherwise) that specifyactions to be taken by that machine. Further, while only a singlemachine is illustrated, the term “machine” shall also be taken toinclude any collection of machines that individually or jointly executea set (or multiple sets) of instructions to perform any one or more ofthe methodologies discussed herein.

The exemplary computer system 800 includes a processing device 802, amain memory 804 (e.g., read-only memory (ROM), flash memory, dynamicrandom access memory (DRAM) (such as synchronous DRAM (SDRAM) or DRAM(RDRAM), etc.), a static memory 806 (e.g., flash memory, static randomaccess memory (SRAM), etc.), and a data storage device 818, whichcommunicate with each other via a bus 830.

Processing device 802 represents one or more general-purpose processingdevices such as a microprocessor, central processing unit, or the like.More particularly, the processing device may be complex instruction setcomputing (CISC) microprocessor, reduced instruction set computer (RISC)microprocessor, very long instruction word (VLIW) microprocessor, orprocessor implementing other instruction sets, or processorsimplementing a combination of instruction sets. Processing device 802may also be one or more special-purpose processing devices such as anapplication specific integrated circuit (ASIC), a field programmablegate array (FPGA), a digital signal processor (DSP), network processor,or the like. The processing device 802 is configured to execute theprocessing logic 826 for performing the operations and steps discussedherein.

The computer system 800 may further include a network interface device808. The computer system 800 also may include a video display unit 810(e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT)), analphanumeric input device 812 (e.g., a keyboard), a cursor controldevice 814 (e.g., a mouse), and a signal generation device 816 (e.g., aspeaker).

The data storage device 818 may include a machine-accessible storagemedium 828 on which is stored software 824 embodying any one or more ofthe methodologies of functions described herein. The software 824 mayalso reside, completely or at least partially, within the main memory804 and/or within the processing device 802 during execution thereof bythe computer system 800; the main memory 804 and the processing device802 also constituting machine-accessible storage media.

The machine-readable storage medium 828 may also be used to storeinstructions to perform new application launching and capacitycalculations, as described for example with reference to FIGS. 5-7and/or a software library containing methods that call the aboveapplications. While the machine-accessible storage medium 828 is shownin an exemplary embodiment to be a single medium, the term“machine-accessible storage medium” should be taken to include a singlemedium or multiple media (e.g., a centralized or distributed database,and/or associated caches and servers) that store the one or more sets ofinstructions. The term “machine-accessible storage medium” shall also betaken to include any medium that is capable of storing, encoding orcarrying a set of instruction for execution by the machine and thatcause the machine to perform any one or more of the methodologies of thepresent invention. The term “machine-accessible storage medium” shallaccordingly be taken to include, but not be limited to, solid-statememories, and optical and magnetic media.

Whereas many alterations and modifications of the present invention willno doubt become apparent to a person of ordinary skill in the art afterhaving read the foregoing description, it is to be understood that anyparticular embodiment shown and described by way of illustration is inno way intended to be considered limiting. Therefore, references todetails of various embodiments are not intended to limit the scope ofthe claims, which in themselves recite only those features regarded asthe invention.

What is claimed is:
 1. A method, comprising: instantiating a first webapplication for a first application owner on a virtual machine; andinstantiating a second web application for a second application owner,wherein the second application owner is different than the firstapplication owner, and instantiating the second web applicationcomprises: determining that the second web application is associatedwith an attribute, wherein the first web application is also associatedwith the attribute, and the attribute comprises an implementationrelated property of the first web application and the second webapplication; identifying the virtual machine as configured to host webapplications having the attribute; and responsive to identifying thevirtual machine, instantiating the second web application on the virtualmachine hosting the first web application, wherein the second webapplication is prevented from accessing the first web application andthe first web application is prevented from accessing the second webapplication.
 2. The method of claim 1, further comprising: receiving,from a first client, a first request to instantiate the first webapplication; and receiving, from a second client, a second request toinstantiate the second web application.
 3. The method of claim 1,further comprising: maintaining a first application identifier for thefirst web application and a second application identifier for the secondweb application; and tracking the virtual machine as hosting the firstweb application and the second web application in view of the firstapplication identifier and the second application identifier.
 4. Themethod of claim 1, further comprising: authenticating the firstapplication owner and the second application owner; and upon successfulauthentication, collecting information about a plurality of nodesavailable to host web applications.
 5. The method of claim 4, storingthe information in a data store, wherein the information compriseskey-value pairs to associate node attributes comprising a uniqueidentifier of each node of the plurality of nodes, a name of each nodeof the plurality of nodes, or a list of applications executing on eachnode of the plurality of nodes.
 6. The method of claim 1, furthercomprising using a framework to facilitate parallel job execution. 7.The method of claim 1, further comprising: receiving a revision to thefirst web application; identifying the first web application hosted onthe virtual machine using a unique identifier of the first webapplication; and sending the revision to the first web applicationhosted on the virtual machine.
 8. The method of claim 1, furthercomprising: associating the first web application with a first resourcepool of the virtual machine; and associating the second web applicationwith a second resource pool of the virtual machine, wherein the firstresource pool is segregated from the second resource pool.
 9. The methodof claim 1, wherein the virtual machine is a multi-tenant node capableof hosting a plurality of web applications having a plurality ofapplication owners.
 10. The method of claim 1, further comprisingdetermining that the virtual machine hosting the first web applicationhas capacity to host the second web application by determining a numberof software repositories on the virtual machine, and determining acurrent node utilization using the number of software repositories. 11.A system, comprising: a memory device storing instructions; and aprocessing device communicatively coupled to the memory device, theprocessing device to execute the instructions to: instantiate a firstweb application for a first application owner on a virtual machine; andinstantiate a second web application for a second application owner,wherein the second application owner is different than the firstapplication owner, and to instantiate the second web applicationcomprises the processing device further to: determine that the secondweb application is associated with an attribute, wherein the first webapplication is also associated with the attribute, and the attributecomprises an implementation related property of the first webapplication and the second web application; identify the virtual machineas configured to host web applications having the attribute; andresponsive to identifying the virtual machine, instantiate the secondweb application on the virtual machine hosting the first webapplication, wherein the second web application is prevented fromaccessing the first web application and the first web application isprevented from accessing the second web application.
 12. The system ofclaim 11, wherein the processing device further to: receive, from afirst client, a first request to instantiate the first web application;and receive, from a second client, a second request to instantiate thesecond web application.
 13. The system of claim 11, wherein theprocessing device further to: maintain a first application identifierfor the first web application and a second application identifier forthe second web application; and track the virtual machine as hosting thefirst web application and the second web application in view of thefirst application identifier and the second application identifier. 14.The system of claim 11, wherein the processing device further to:receive a revision to the first web application; identify the first webapplication hosted on the virtual machine using a unique identifier ofthe first web application; and send the revision to the first webapplication hosted on the virtual machine.
 15. The system of claim 11,wherein the processing device further to: associate the first webapplication with a first resource pool of the virtual machine; andassociate the second web application with a second resource pool of thevirtual machine, wherein the first resource pool is segregated from thesecond resource pool.
 16. The system of claim 11, wherein the virtualmachine is a multi-tenant node capable of hosting a plurality of webapplications having a plurality of application owners.
 17. Anon-transitory machine-readable storage medium including instructionsthat, when executed by a processing device, cause the processing deviceto: instantiate a first web application for a first application owner ona virtual machine; and instantiate a second web application for a secondapplication owner, wherein the second application owner is differentthan the first application owner, and to instantiate the second webapplication comprises the processing device further to: determine thatthe second web application is associated with an attribute, wherein thefirst web application is also associated with the attribute, and theattribute comprises an implementation related property of the first webapplication and the second web application; identify the virtual machineas configured to host web applications having the attribute; andresponsive to identifying the virtual machine, instantiate the secondweb application on the virtual machine hosting the first webapplication, wherein the second web application is prevented fromaccessing the first web application and the first web application isprevented from accessing the second web application.
 18. Thenon-transitory machine-readable storage medium of claim 17, wherein theprocessing device further to: associate the first web application with afirst resource pool of the virtual machine; and associate the second webapplication with a second resource pool of the virtual machine, whereinthe first resource pool is segregated from the second resource pool. 19.The non-transitory machine-readable storage medium of claim 17, whereinthe processing device further to: receive a revision to the first webapplication; identify the first web application hosted on the virtualmachine using a unique identifier of the first web application; and sendthe revision to the first web application hosted on the virtual machine.20. The non-transitory machine-readable storage medium of claim 17,wherein the processing device further to determine that the virtualmachine hosting the first web application has capacity to host thesecond web application by determining a number of software repositorieson the virtual machine, and determining a current node utilization usingthe number of software repositories.